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(S) Secure toll collection system for moving vehicles. 

(57) A secure toll payment system is realized by 
transmitting a changeable encryption code 
from roadside equipment (1,2,310,320,330) at a 
toll plaza to a moving vehicle. Thereafter, the 
moving vehicle uses it to encrypt payment infor- 
mation according to the Data Encryption Stan- 
dard algorithm. The moving vehicle transmits 
the encrypted payment information to the road- 
side equipment which performs a credit or debit 
transaction. Because the encryption code 
changes from time to time, so, too, does the 
nature of the signal which is transmitted by the 
vehicle; fraud, based on electronic eavesdrop- 
ping, is substantially eliminated. The encryption 
code comprises an 8-bit random number and a 
time/date number. Vehicle-mounted apparatus 
includes a transponder unit and a portable 
smart card which inserts therein. The roadside 
equipment includes a pair of spaced-apart 
antennas (1,2) that are sequentially located 
along an express payment lane at a toll plaza, 
and a computer (310) which controls them. 
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Technical Field 

This invention relates to automatic payment sys- 
tem general, and more particularly to electron, 
toll collection for moving vehicles. 



p^kgrmind of the Invention 



imiAss a willingness exists to embrace mass 

sSbas=s=s= 

day travel due to population growth and the coste 
Srsonal and environmental) associated with higb- 
Sys packed with automobiles - each prying one 
Inn one of the costs comes in the form of high- 
ZZ£Z a "^sh that accompanies 
To^affic delays. However, until more convenient 

way congestion problem, and nowhere is it worse 

than around toll booths. 

Z use of toll booths on highways » viewed as 
a mixed blessing by motorists. Most will agree the 
safe Sh-sp eed well-maintained highways are vitol 

opnsive- and that toll booths provide an equitable way 
o pay fo the- On the other hand most w*. agree 
that stopping in order to pick up a ticket and or make 
a plylnt is an annoyance, particuiarly dunng peak 
*Eeriodswhen toll paymentqueues exceed sev- 

SXtes. The fuel wasted and pollution , created^ 

the annoyance displayed by motonsts when encoun 
theless. the desire for increased transit speed ap- 
Pea n?PaSI;4 338.587disc.osesavehide W loo.- 

"^'l" «. SC e D tible to fraud. For example, the 
rlSi i'SSS- information (the iioense 
Sr of another vehicle) is not «•»«•"■ the 
th« owner of the other vehicle is billed. 



coltador for toll roads which requires the driver of a 
S to Ct an integrated circuit (JC) card into 
ul.iL n th The IC card stores both license and 

« the card holder's bank account, and means are pro- 

5 ^ comparing the license 

a rh.al license plate which is acquired as the vehicle 
P S trough the toll booth. However, this system 

rsrrr^-^eds^ 

St fraud comes at great inconvenience to both 
££d holder and the highway authority. CM* 
„ era should be able to pay the toil for any vehi^hat 
they happen to be in (a friend's car, a rental car, etoj, 
nXstspecific vehicles; and additional equipments 

- sssssksshss 

\j » *hot aHarhes to the windshield ol a vemc»e 
25 SSiSSSi^ sign, when it enters 
anelctromagnetic field having P-««££ 
acteristics. Because such transponders operate aire 
dto Jequencies. they have become known as RF- 

30 togs. Unfortunately, ^^^ m ^Zl 
3y easy in such a system; the transmitted WentrfK 
, signal can be intercepted, recorded, and re- 
£5 another vehicle to avoid toll payments. 
C^^eafactoflifethatvmentheftistooeasy 

and when theft requires great effort, even scou 

^Tsystems where payments are made by the 
transfer of data, care must be token to assure that the 
^oresents an accurate indication of the purport- 

tion is charged to the wrong person; and if the casn 
batonWa debit card is increased in an unautho- 
Sed manner, then the credtor is 
Therefore desirable to provide a secure toll collecbon 
so scheme for moving vehicles. 



c;„ mma r ya f the Invention 

In accordance with the invention, secure toll pay- 

verification number to a moving vehicle. Thweauw 
Z moving vehicle uses the verif ication number to 
encrypt he verification number according to a prede- 
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ter mined algorithm and then broadcasts the resulting 
signal. Because the verification number changes 
from time to time, so too does the nature of the signal 
which is broadcast by the vehicle; and fraud, based 
on electronic eavesdropping, is substantially eliminat- s 
ed. 

In an illustrative embodiment of the invention, the 
verification number comprises an 8-bit random num- 
ber and a time/date number. A smart card is inserted 
into a vehicle-mounted transponder unit, but is easily w 
removed and carried by the vehicle owner. Being no 
larger than a conventional credit card, the smart card 
can be carried in the owner's wallet Approximately 
one-half second is allocated to the smart card and 
transponder unit for processing, and a pair of spaced- 1 5 
apart antennas are sequentially positioned in an ex- 
press payment lane at a toll plaza to accommodate 
vehicles moving at high speed. 

In the illustrative embodiment, a debit card is 
locked during the debit process, and unlocked when 20 
it is successfully completed. This prevents fraud by 
those who would remove the card from the trans- 
ponder during the debit process in orderto avoid mak- 
ing payment. 

Security, is further improved by use of the Data 25 
Encryption Standard (DES) algorithm, stored in the 
the smart card's memory, to encrypt the encryption 
code intociphertext. DES has the advantage that it 
is well known and documented. It is a private key sys- 
tem that is highly secure as long as the private key is 30 
kept secret. DES has the furt her advantage that its ci- 
pher text output is reversible -i.e, cipher text C can be 
decrypted back into the original message Musing the 
same private key. 

35 

Brief Description of the Drawing 

The invention and its mode of operation will be 
more clearly understood from the following detailed 
description when read with the appended drawing in 40 
which: 

FIG. 1 is a bird's eye view of a highway toll plaza 
that includes an express lane for toll collection us- 
ing a two-antenna system in accordance with the 
invention; 45 
FIG. 2 illustrates a futuristic high speed toll collec- 
tion system in accordance with the invention; 
FIG. 3 discloses a block diagram of the equip- 
ment located at a toll plaza for collecting pay- 
ments in accordance with the invention; 50 
FIG. 4 shows a transponder mounted on the in- 
terior windshield of a vehicle and a motorist in- 
serting/removing the smart card; 
FIG. 5 shows a transponder with a smart card in- 
serted therein such as used in the present inven- 55 
tion; 

FIG. 6 discloses a block diagram of the trans- 
ponder used in the present invention; 



FIG. 7 is a block diagram of the major functional 
components of a smart card interconnected to a 
reader/writer unit and their general interconnec- 
tion with each other; 

FIG. 8 is a flow diagram that illustrates the vari- 
ous steps performed in practicing the invention; 
FIG. 9 discloses the format of a 128-bit trans- 
ponder data frame comprising fixed and variable 
data frames; 

FIG. 10 discloses the format of the fixed data 
frame portion of the transponder data frame; 
FIG. 11 discloses the format of the variable data 
frame portion of the transponder data frame, 
transmitted by the vehicle to antenna 1 of the 
Roadside Reader (RSR), immediately after an 
activation signal is received; 
FIG. 12 discloses the format of the variable data 
frame portion of the transponder data frame 
transmitted by the RSR to the vehicle from anten- 
na 1 , this information is also referred to as the en- 
cryption code; 

FIG. 13 discloses the format of the variable data 
frame portion of the transponder data frame 
transmitted by the vehicle to antenna 2 of the 
RSR; and 

FIG. 14 discloses the format of the variable data 
frame portion of the transponder data frame 
transmitted by the RSR to the vehicle from anten- 
na 2, this information is also referred to as the en- 
crypted acceptance message. 

Detailed Description 

Briefly, the present invention resides in a system 
that allows vehicles to pass through specially de- 
signed toll booths at relatively high speeds - at least 
as high as safety considerations allow. As motorists 
approach the toll booth, they insert a smart card into 
a transponder unit which reads identification informa- 
tion stored on the card and transmits it, via radio fre- 
quency, to a roadside reader (RSR) which comprises 
a pair of spaced-apart antennas and a computer (Pla- 
za Server) which serves the toll booth in matters of 
electronic toll payment. In response, the RSR either 
debits the card or charges the toil to the motorist's ac- 
count. The details of this transaction are then trans- 
mitted from the roadside controller back to the trans- 
ponder, and a record is written into the smart card. 
This system is implemented in such a way that it op- 
erates with fixed or variable payment toll booths. Fur- 
ther, techniques are disclosed that prevent fraud 
while providing maximum convenience to both the 
motorist and the highway authority. These benefits 
will become apparent as the details of implementation 
are revealed. 

FIG. 1 discloses a bird's eye view of a toll pay- 
ment area which uses the toll collection system of the 
present invention. The toll payment area comprises 
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an enlarged portion of highway and a number of tod 
collection booths 41-45. Such toll booths may be to- 
cated at the entrance of a limited access highway 
bridge or tunnel where fixed amounts of money are 
collected for the privilege of using that parte* fa- 
cility or where tickets are given to each vehicle that 
fndteate the location where it entered the highway 
Su ch toll booths may also be located at the ex* of a 
limited access highway where they are used , to the 
collection of variable tolls. There, tickets are collected 
Z avoid possible fraudulent use later) and payment 
s determined by the particular entrance where the 
vehicle entered the highway. The present invention is 
suitable for use in all of these situations 

The enlarged portion of highway includes lane 30 
which is used by motorists who wish to use cash or 
tokens in making toll payments. Unfortunately, mak- 
ing such payments requires that vehWes come to a 
complete stop, and frequently they mus wart un« 
others have completed their payment before ban- 
ning their own transaction at one of the tot booths 42- 
45 The enlarged portion of highwayalso includes ex- 
press lane 20 which Is used by motorists who are 
equipped to make electronic payment without stop- 
p^ Prior to entering lane 20, however, the motons 
inserts a payment cart into a transponder un.t that 
mounts on the windshield (see FIG. 4] , or dashed 
of vehicle 50. Information from the card .s loaded mto 
1 transponder which awaits an action signa 
from antenna 1. The activation signal « tnggered 
when a vehicle drives over a loop sensor 25 which, i- 
lustratively, is embedded in the roadway just poor to 
reaching antenna 1 . Alternatively, antenna 1 conbnu- 
ously broadcasts an activation signal. In either sce- 
nario, the activation signal triggers an information ex- 
change between the transponder and antenna 1 . Fur- 
ther along lane 20, antenna 2 is positioned to ex- 
change additional information with the transponder 
unit in vehicle 50. These antennas are spaced . apart 
to provide atime interval (approximately 500 millisec- 
onds) whfch is used for processing the ^ 
ceived from antenna 1 before exchanging addtoonal 
information with antenna 2. The results ; of these ^ex- 
changes are displayed on message ^display 3 ^lusfra- 
tively. an overhead sign) under control of a Lane Con- 
Se which tells the motorist either to continue 
ahead in lane 21,ortopul. over intone 22 whereto 
booth 41 is located. Motorists would be asked to pull 
over, for example, when there are insuf I *.ent funds 
within the card (when debit cards are used), when the 
25 has been reported as being .ost or sto en. when 
data transmission errors are detected, etc At toll 
booth 41. motorists can purchase debit cards, make 
cash payment (usually because they have inadver- 
tently entered express lane 20). or '"^ase the mon- 
ey balance on their existing debit card. A video cam- 
era 4 is positioned to photograph the license plates of 
vehicles that do not make the proper payment, pos- 



sess a lost/stolen debit card, or are driving a vehicle 
that does not correspond to the vehicle class infor- 
mation stored in the debit card. 

FIG 2 illustrates a futuristic view of a mulWane 
5 system tothe rapid payment of tolls. It is noted that 
a single structure 10combinesthefunct.onsof anten- 
na^, 2 and display 3 shown in FIG. 1 The multipte 
data exchanges between the transponder in the ve- 
hicle and structure 10 can occur at data processing 
10 speeds which permit the use of a single ^antenna - 
such as shown. The cost associated with higher date 
precessing speeds sugge^tethat it ism^c^effec- 

tive. at the present time, to use a pair of spaced-apart 
antennas. Nevertheless, the present invention is 
is adaptable to a single antenna system. 



EQUIPMENT 

Elements of the preferred embodiment are 
shown in FIG. 3 which illustrates the vanous ; rtems 
used for providing rapid toll collection in a multi-lane 
svstem. Plaza Server 310 is, illustratively, an 
AT&T/NCR (3400 Class) computer which communi- 
cates with a Toll Authority host computer, via tele- 
25 phone lines (9.6 - 56Kb/s). and with the equipment 
2 Ltmonitorsandserve,anumberofhighsp M dpay- 
ment lanes. Roadside Reader (RSR) 320 and Lane 
Controller (LC) 330 each handle up to four lanes un- 
der control of the P.aza Server 310. M though add. 
3 o tionalRSRsandLCsmaybeconnectedtotheServer 
onlyoneofeachisshownforthesakeofdanfyingthe 

invention. Similarly, only the apparatos needed to 
handle a single high speed lane is shown. Loop 25 
senses an oncoming vehicle in a particular high 
35 speed payment lane and delivers this information to 
Server 310 via LC 330. Antenna 1 then transmits an 
activation signal to the oncoming vehide under con- 
trol of RSR 320. In the illustrative embodiment, RSR 
320 comprises the equipment needed for modutet- 
<o ing/demodulating signals in the radio frequency (RF) 
range from 902 to 928 MHz in order to adapt data sig- 
nals for transmission through the air. A pair of an ten- 
nas serve each lane. After the vehicle passes these 
antennas, the results of the data exchange between 
45 the vehicle transponder and the antennas are visually 

of message display 3 which is dnven by LC 330 under 
cortrolofServerSIOwhichprovidesoneofaplurelity 

so a video camera 4 which is generally used to record 
the identity of vehicles that do not make proper pay- 

"^FIG 5 illustrates the appearance of the trans- 
ponder 600 - a vehicle-mounted unit which commura- 
55 c tes with antennas 1 and 2 to ^J**^ 
and transfer data to/from smart card 500 ^ in- 
serted therein. Transponder 600 attaches to he 
dashboard or windshield (see FIG. 4) of the vehicle 
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via mounting apparatus 610 which rotates to accom- 
modate various mounting positions. The front front 
surface of the transponder includes a slot for receiv- 
ing the smart card, and lights 621, 622, 623 for pro- 
viding visual indications to the motorist. A block dia- 
gram of the interior of transponder 600 is shown in 
FIG. 6. When a smart card is inserted into reader/writ- 
er unit 700, a switch is operated which causes power 
to be applied to the transponder. The transponder 
may be battery powered although the temperature 
range that the battery must endure is formidable. In 
the preferred embodiment of the invention, primary 
power is supplied to the transponder through plug 
601 which connects to the vehicle battery (12 volts) 
via a cigarette lighter receptacle. Power conditioner 
640 converts the 12 volt input power into output pow- 
er at 5.0, 6.5 and 8.0 volts. Microcontroller 650 (illus- 
tratively an Intel 87C51 FC 8-bit microprocessor) in- 
cludes memory (ROM and RAM) which stores oper- 
ating instructions for controlling the operation of the 
transponder. Microcontroller 650 controls visual indi- 
cator 620 which comprises LEDs 621, 622, 623 (see 
FIG. 5), and audible indicator 630 which comprises a 
piezoelectric transducer plus associated oscillators 
and timers.. Microcontroller 650 transmits digital data 
to RF modulator 670 which has a nominal carrier fre- 
quency, of 915 MHz. The modulated RF signal is am- 
plified by amplifier 665 and delivered to transmitting 
antenna 680. Antenna 690 receives RF signals from 
the equipment shown in FIG. 3. These RF signals are 
amplified by amplifier 675, demodulated by RF de- 
modulator 670 and the resulting data is delivered to 
microcontroller 650. Certain data is intended for the 
smart card, either for processing or for storage in the 
smart card's memory; and this data is delivered to 
reader/writer unit 700 over serial data bus 710. 

Smart Card 

Referring now to FIG. 7 there is disclosed a block 
diagram of a smart card 500 and a reader/writer unit 
700 such as used in connection with the present in- 
vention. Although disclosed in greater detail in U.S. 
Patents 4,797,898 and 4,798,322, a brief description 
is presented here. Some of the principal components 
located on smart card 500 are microprocessor 560. 
electrically erasable programmable read-only mem- 
ory (EEPROM) 550, analog interface circuit 540, sec- 
ondary winding 521 of transformer 920, and capaci- 
tive plates 541-544. 

Microprocessor 560 includes a central process- 
ing unit and memory means in the form of random ac- 
cess memory and read-only memory. A microproces- 
sor available from Intel Corporation such as Part No. 
80C51 may be used with the proper programming. 
Operating under firmware control provided by its in- 
ternal read-only memory, the microprocessor 560 
formats data to the EEPROM 550 and to the read- 



er/writer unit 700 via the analog interface circuit 540. 
EEPROMS are available from a number of suppliers. 
Data may be written to or used from an EEPROM re- 
peatedly while operating power is being applied. 
5 When operating power is removed, any changes 
made to the data in the EEPROM remain and are re- 
trievable whenever the smart card 500 is again pow- 
ered. 

The analog interface circuit 540 provides a 

10 means for interfacing smart card 500 with reader/writ- 
er unit 900. Within analog interface 540 are circuits 
responsive to capacitors 541-544, for exchanging 
data with reader/writer unit 900. Power for operating 
the card 500 is provided to the analog interface circuit 

15 540 via inductive transfer, received by the secondary 
winding 521 of transformer 720. This transformer is 
formed when secondary winding 521 is coupled to a 
primary winding 721 within the reader/writer unit 700. 
The transformer 720 may advantageously include a 

20 ferrite core 722 in the reader/writer for increased cou- 
pling between the transformer primary winding 721 
and secondary winding 521. A second such core 522 
may also be included within the smart card portion of 
transformer 720 to further increase coupling eff icien- 

25 cy. The primary winding 721 is driven at a 1.8432 MHz 
rate by power supply 930 whose operation is descri- 
bed with particularity in U.S. Patent 4,802,080 issued 
January 31, 1989. 

Within the reader/writer unit 700, analog inter- 

30 face circuit 740 exchanges data with the smart card 
500 under control of microprocessor 760, Capacitor 
plates 741-744 are aligned with the mating capacitor 
plates 541-544 within the smart card 500. The in- 
put/output serial data interface 750 is basically a uni- 

35 versal asynchronous receiver transmitter (UART) 
which may be advantageously included in the micro- 
processor 760. 

PROCESSING 

40 

Preload 

Users protect their smart card as they protect 
their credit card, typically by carrying it in their wallet. 

45 Advantageously, once the card is removed from the 
transponder, the transponder is no longer operative 
forthe payment of tolls. However, the smart card itself 
continues to be useful for the payment of other goods 
and services. Indeed, there is considerable market- 

50 ing appeal for a card, issued by a regional transpor- 
tation authority, that can be used for the payment of 
related highway services such as roadside tele- 
phones, restaurants, gasoline, and even speeding 
tickets. 

55 As illustrated in FIG. 4, a motorist inserts smart 

card 500 into the transponder 600 sometime before 
having to make an electronic toll payment Typically 
this occurs when he enters the vehicle if a toll booth 
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is expected. Upon insertion of the card, the tan* 
ponder delivers various messages. If the red light 622 
turns on and a long buzz is heard, the card is not be- 
ing inserted correctly. When it is correctly inserted a 
double beep is heard and the transponder then indi- 
cates the money balance available on the card. The 
lights flash to indicate the balance available on the 
card to the nearest dollar. Every flash of green light 
621 means $100, every flash of red light 622 means 
$10 and every flash of yellow light 623 means $1. If 
the 'motorist wishes to learn the balance while the 
card is in the transponder 600. he simply removes and 
reinserts it When the balance falls below a certain 
dollar amount, the yellow light will begin flashing. The 
card should then be taken to the toll authority as soon 
as possible to credit more money into the card. The 
low balance amount is specified at the time of initial- 
ization and can be changed by the toll authority. 

Data Exchange - Overview 



In accordance with the invention, FIG. 8 provides 
an overview of the data exchange between a moving 
vehicle and toll plaza equipment as the vehicle pro- 
gresses through an express payment lane. It is as- 
sumed that the smart card remains positioned within 
the transponder during these data exchanges. Initial- 
ly a loop sensor provides a signal to the Lane Con- 
troller indicating that an oncoming vehicle is within 
the range of antenna 1. The Plaza Serverthen caus- 
es antenna 1 to transmit an activation signal to the 
transponder within the moving vehicle. In response to 
the activation signal, the transponder transmits data, 
comprising the data frames of FIG. 10 and 11. which 
have been preloaded into the microcontroller of the 
transponder fromthe smart card. For improved secur- 
ity the smart card is locked at this time. (Locking 
means that the first byte of the file within the smart 
card that contains its ID number and vehicle dass has 
hexadecimal character FF written into its first byte, 
and the card cannot be used for a new transaction un- 
til this character is removed). At the same time, the 
yellow light on the transponder is turned on to indicate 
that a transaction is pending. 

When this data is received, the Plaza Servergen- 
erates an encryption code which includes an 8-b.t 
random number plus an indication of the time-of-day 
and day-of-year. This information is packed into a 
1 28-bit transponder data frame, comprising the fixed 
data frame of FIG. 10 and the variable data frame of 
FIG 12 and transmitted to the moving vehicle via an- 
tenna 1 . At the same time the Server either uses the 
Card ID number to look up its secret code, or it gen- 
erates the secret code (K) using the Card ID number 
and a secret algorithm. The secret code, the encryp- 
tion code, and the money balance of the smart card 
(when it is used as a debit card) are combined and 
processed using the DES algorithm to generate an 



encrypted number (P') to be compared with an en- 
crypted number (P) generated by the smart carcL 
DES encryption processing occurs dunng the 500 
millisecond interval allocated for transit between an- 
s tenna 1 and antenna 2. (A brief time interval is re- 
quired by the present generation smart card, for ex- 
changing and processing data. This time interval is 
such that a vehicle will have moved too far, at maxi- 
mum speed, to be served by a single antenna) At the 
10 same time still, the Server searches to determine 
whether the Card ID is among its list of lost or stolen 
cards. If it is not, then toll charges are calculated. In 
some situations the toll is a fixed amount, and in other 
situations the toll depends on the location where the 
is moving vehicle enters a limited-access highway. 
Each toll plaza is programmed to write its location into 
the smart card along with the time-of-day that a 
smart card-equipped vehicle passes through. Thus, 
whenever the vehicle arrives at the next toll plaza, toll 
20 charges can be properly calculated. Using this data, 
an acceptance message (such as Indicated In FIG. 
14) is encrypted for transmission to the moving vehi- 
cle Note thatthis Information includes the location of 
the presenttoll plaza, the present time-of-day, a Mack 
25 list bit and the amount to be debited from the card. 
In the situation where a credit card (rather than a deb- 
it card) is used, the transaction amount is stored and 
used only as a record. 

Antenna 2 transmits the encrypted acceptance 
3 o message to the transponder of the moving vehicle 
where this data is decrypted and used to debit the 
card. Additionally, the smart card is unlocked based 
on information in the decrypted message. If. for ex- 
ample, the black list bit indicates that this is a stolen 
3S smart card, it will remain locked. Similarly, if the 
smart card is removed from the transponder between 
antenna 1 and antenna 2 in an attempt to avoid debit 
charges, the card will remain locked. A successful 
transaction concludes with an audible sound indicat- 
40 ing same and the yellow light on the transponder is 
turned off to indicate that the transaction is complete. 

The motorist is notif ied of successful and unsuc- 
cessful transactions by the message display at the 
toll plaza. An unsuccessful transaction would result 
45 when the amount of money in the debit card is inade- 
quate, the card is lost or stolen, the card is removed 
from the transponder before it completes its transmis- 
sion to antenna 2. error in data processing, or some 
other irregularity worthy of attention. In these situa- 
50 lions, the motorist is instructed to pull over to a par- 
ticular toll booth, but if he does not comply the video 
camera is activated to record the identity of the vehi- 
cle. 

Information is exchanged between the trans- 
55 ponder and the Server using the predetermined for- 
mat shown in FIG. 9. This format is used by both the 
transponder and the RSR and comprises 128 bits. 
The transponder data frame includes fixed and van- 
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able portions plus a 16-bit cyclic redundancy code 
(CRC) used to verify the accuracy of transmission. 
The Fixed Data Frame is shown in FIG. 10 and con- 
tains information supplied by the smart card in the 
transponder of the vehicle. The first 16 bits of the 
fixed frame are the used to identify the type of trans- 
ponder being used, the class of vehicle, and the iden- 
tification of the particular smart card. Because im- 
proved transponder design is anticipated, it is neces- 
sary to identify the kind of transponder being used. 
Further, because different classes of vehicles pay dif- 
ferent amounts of toll, it is necessary to identify vehi- 
cle class. Finally, the transmission of smart card ID 
enables use of a credit (rather than debit) card and 
provides improved security against theft and forgery. 
Indeed, the thrust of the present invention is to im- 
prove such security. 

Data Exchange - Detailed 

When the vehicle first enters the toll payment 
area, the Plaza Server stimulates the transponder - 
via an activation signal transmitted by antenna 1 . Data 
are exchanged between the transponder and anten- 
na 1 using amodulated 915 MHz carrier signal. In re- 
sponse, to it he activation signal, the transponder ini- 
tiates a "wake up" call to the microprocessor in the 
smart card, and the transponder sends a 128-bit 
"transponder data frame" to antenna 1. The trans- 
ponderdata frame comprises a fixed frame of 40 bits 
(see FIG. 10), a variable frame of72 bits (see FIG. 11), 
and an error-correcting code of 16 bits. At this time 
there is no encryption, and vehicle identification, 
smart card identification and location information are 
transmitted in clear text. This information is used by 
the Plaza Server for toll calculation. The location in- 
formation is generally written into the smart card by 
Servers located at highway entrances and read by 
Servers located at exits for the calculation of variable 
tolls. 

In response to the above transmission, the Ser- 
ver returns a similar transponder frame to the vehicle, 
however the variable data frame transmitted is now 
shown in FIG. 1 2 and includes a 1 6-bit time/date num- 
ber and an 8-bit "random" number. In the preferred 
embodiment of the invention, they cooperate to form 
an encryption code. The time/date number represents 
the number of ten minute increments that have tran- 
spired since January 1 of the current year using 
Greenwich Mean Time. Further, the "random" num- 
ber comprises eight bits which provide up to 256 dif- 
ferent bit patterns that can be used to encode the data 
exchange between the transponder and the Server. 
The "random" number is periodically changed to foil 
scoundrels who would record such data exchanges 
and then replay them to avoid toll payments. The en- 
cryption code therefore comprises a predictable por- 
tion and a non- predictable portion where the predict- 



able portions repeat yearly. What this means is that 
a different encryption code is guaranteed every ten 
minutes of the year, and that within that ten minute 
period, one of 256 possible codes will be operative. 
5 And although next year at the same time, a known 
portion (time/date number) of the encryption code will 
be repeated, there is only a small chance (1 in 256) 
that it will be the same as the previous year. Alterna- 
tively, bits 9-72 in FIG. 12 can all be randomly select- 
to ed for even greater security. 

The vehicle transponder now has all the neces- 
sary information to encrypt data for transmission to 
antenna 2. At this time, the smart card is locked to 
prevent the possibility of removal before it can be 
15 properly debited. If the card is otherwise acceptable, 
as determined by the Server, it is unlocked when an- 
tenna 2 completes the debit process. "Locking" 
means that the smart card cannot be used for any 
payment until is it returned to the card issuer and un- 
20 locked. Locking also takes place when the card is 
identified as being a lost or stolen card and a "finder" 
attempts to use it. Briefly, the significant information 
received from antenna 1 during the activation mode 
is the encryption code which, illustratively, includes 
25 the time/date number and the random number con- 
tained in the variable data frame. 

Activation Processing 

30 An encryption technique t hat has gained wide ac- 

ceptance is the Data Encryption Standard (DES) and 
is intended for implementation in special purpose 
electronic devices. In 1977, the National Bureau of 
Standards (now NIST) issued DES as a Federal stan- 

35 dard, and the National Security Agency has certified 
new products using the standard. While a relatively 
brief discussion of the application of DES to the in- 
vention is set forth below, a more comprehensive 
treatment is set forth in the January 15, 1977 Federal 

40 Information Processing Standards Publication 46 
(FIPS 46), entitled "Specifications for the Data En- 
cryption Standard." 

DES is a private-key scheme in which both en- 
crypting and decrypting keys are identical and secret. 

45 DES operates on data in blocks of 64-bits, sending it 
through 16 stages of the algorithm before exiting as 
a 64-bit ciphertext Encryption relies heavily on prop- 
er management of keys - 1 he strings of characters that 
must be input to the algorithms before encryption or 

50 decryption can take place. The DES algorithm D en- 
crypts a 64- bit message M into ciphertext C - a proc- 
ess that is mathematically stated by the equation C 
= D(M). The output signal is available in 64-bit-wide 
binary form for delivery to the destination station. 

55 DES proceeds by rearranging (permuting) a 64- 

bit message according to a known pattern in an oper- 
ation akin to shuffling cards. The permuted block of 
64-bits is now split into two blocks, each comprising 
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32-bits in an operation akin to cutting the cards. At this 
point, the card shuffling analogy fails because math- 
ematical operations (modulo 2 addition) and cipher 
function (f) are introduced along with a key K ^Vdues 
for Ki K 16 are selected in accordance with 16 differ- 
ent predetermined schedules whereby each ^ com- 
prises an ordered set of 48-bits chosen from the 64- 
bit key. Cipher function (f) denotes an operation flM, 
K) in which a portion (32 bits) of the message M is 
modulo-2 combined with a portion (48 bits) of the key 
K certain predetermined bits are discarded from the 
resulting combination so that only 32 bits rema.n. 
Cipher function (f) is performed 16 times using differ- 
ent portions of M and K. 

Transaction Processing 



Although OES is used in the preferred embodi- 
ment of the invention, other encryption algorithms 
are possible. Applying DES to the present invention 
entails using the last 64 bits (bits 9-72) of the variable 
data frame (i.e., the encryption code) as the message 
M and a 64-blt secret code as the key K. Note that a 
secret code is stored In the memory of each smart 
card In the preferred embodiment of the invention, 
the secret code is different for each smart card al- 
though such uniqueness is not required. The secret 
code is known to the Plaza Server through a look-up 
table that associates the Card ID with the secret 
code. Alternatively, the Plaza Server can derive the 
secret code from the Card ID using a secret algo- 
rithm, and thereby avoid having to store the secret 
code for each smart card. 

Reference is now made to FIG. 13 which shows 
the variable data frame transmitted from the vehicle 
to antenna 2. Included in this data frame are bits 9-24 
which is the time/date information just transmitted by 
antenna 1 , bits 33-48 which represent the money bal- 
ance remaining in the smart card when used as a deb- 
it card and bits 65-72 which is the random number 
justtra'nsmrttedbyantenna1.Bits9-72ofthevariable 

data frame correspond to message M and are en- 
crypted by the microprocessor in the smart card ac- 
cording to the DES algorithm. The secret code stored 
in the memory of the smart card is used as the key 
K during DES encryption. Such encryption provides 
the advantage that if the entire transmission (veh.de 
to antenna 1 and vehicle to antenna 2) is recorded by 
electronic eavesdropping, it can only be fraudulently 
rebroadcast by another vehicle for the next ten min- 
utes at most In the preferred embodiment, however, 
the Plaza Server changes the random number for 
each new vehicle, and fraudulent rebroadcasting of 
intercepted information is virtually eliminated. 

FIG 14 discloses the variable data frame trans- 
mitted from antenna 2 to the vehicle which completes 
the transaction. As indicated above, the present loca- 
tion and time-of-day are transmitted for storage in the 



smart card memory. Such information is most useful 
when it identifies the entrance location of a limited ac- 
cess highway. Also transmitted is a repeat of the mon- 
ey balance of the card and the transaction amount to 
5 bedebited-lnthecasewherethesmartcardisadebrt 
card the transaction amount is used to decrease ite 
money balance; and in the case where the smart card 
is a credit card, the transaction amount is merely stor- 
ed as an electronic receipt In either event this mes- 
10 sage is known as the acceptance message and it in- 
cludes a "Black tist Bit" and a "Grey tist Bit' which are 
used to keep the smart card locked when the Plaza 
Server determines that further use of the smart card 
is inappropriate. It is finally noted that this accep- 
ts tance message is encrypted using the same encryp- 
tion code (random number and time/date number) to 
enhance system security. 

Although a particular embodiment has been 
shown and described, it is understood that various 
20 modificationscanbemadewithinthespiritandscope 
of the invention. These modifications include, but are 
not limited to, the use of encryption algorithms other 
than DES having greater or lesser security, building 
the smart card function into the transponder unit in a 
25 non-portable manner, the use of other predictable or 
non-predictable numbers as the encryption code; the 
use of different data structures within the transpond- 
er data frame; and the use of a single antenna at the 
toll plaza to communicate with the moving vehide. 
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Claims 

1 In a toll collecting system comprising a first trans- 
35 ceiver (600) which is located in a moving vehicle 
(50) and a second transceiver (320) which is lo- 
cated at a relatively fixed location on a roadway, 
a secure method for collecting tolls from the mov- 
ing vehide comprising the steps of: 
to generating an encryption code at the sec- 

ond transceiver, 

transmitting the encryption code to the 

f irst transceiver, 

storing payment information and a prede- 
45 termined encryption algorithm in the first trans- 
ceiver 

encrypting the payment information, using 
the encryption code, in accordance with the pre- 
determined algorithm; 
so transmitting the encrypted payment infor- 

mation to the second transceiver, and 

verifying the encrypted payment informa- 
tion at the second transceiver. 

55 2. The method of daiml further induding the steps 

encrypting an acceptance message atthe 
second transceiver, and 
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transmitting the encrypted acceptance 
message to the first transceiver. 

3. The method of claim 1 wherein the first transceiv- 
er (600) includes a removable debit card (500) 5 
which stores a money balance available for mak- 
ing payments, the method further including the 
following steps that take place at the first trans- 
ceiver: 

locking the debit card while data is being to 
exchanged with the second transceiver; and 

unlocking the debit card in response to the 
encrypted acceptance message from the second 
transceiver (320). 

15 

4. The method of claim 1 wherein the encryption 
code includes a sequence of digits which 
changes in an unpredictable manner. 

5. The method of claim 1 wherein the encryption 20 
code comprises a sequence of digits which 
changes in a predictable manner. 

6. The method of claim 5 wherein the sequence of 
digits-comprises an indication of the time-of-day 25 
and/or day-of-year. 

7. The method of claim 1 wherein the encryption 
code comprises a first sequence of digits which 
changes in a random manner, and a second se- 30 
quence of digits which changes in a non-random 
manner. 

8. The method of claim 1 wherein the predeter- 
mined encryption algorithm comprises the Data 35 
Encryption Standard. 

9. The method of claim 1 wherein the second trans- 
ceiver (320) comprises a pair of spaced-a part an- 
tennas (1 , 2) and a computer (330) for controlling 40 
same, said antennas being sequentially posi- 
tioned along a payment lane (20) of the roadway. 

10. The method of claim 1 wherein the first transceiv- 
er (600) comprises a transponder unit and a 45 
smart card which is inserted therein; the smart 
card storing the payment information and the en- 
cryption algorithm. 

11. The method of claim 10 wherein the payment in- so 
formation includes a secret code that is associat- 
ed with the smart card and is known to the sec- 
ond transceiver. 

12. The method of claim 11 wherein the payment in- 55 
formation further includes a money balance 
which is reduced by making toll payments. 



*A2 16 

13. A secure toll collection system for moving vehi- 
cles (50) including roadside communication ap- 
paratus (1, 2, 310, 320, 330) and vehicle-mount- 
ed apparatus (600) for transmitting/receiving ra- 
dio frequency signals to/from each other, 

the roadside communication apparatus 
comprising: 

a first antenna (1) for transmitting an en- 
cryption code to the moving vehicle; 

a second antenna (2), spaced apart from 
the first antenna, for receiving encrypted pay- 
ment information from the moving vehicle; 

data processing means (310, 330), com- 
municatively connected to the first and second 
spaced-apart antennas, for periodically changing 
the encryption code and for verifying the authen- 
ticity of the encrypted payment information, 

the vehicle-mounted apparatus compris- 
ing: 

means (550) for storing payment informa- 
tion, a secret code, and a predetermined algo- 
rithm; 

means (560) for encrypting the payment 
information in accordance with the predeter- 
mined algorithm and the encryption code; and 

means (600) for transmitting the encrypt- 
ed payment information to the second antenna. 

14. The secure toll collecting system of claim 13 
wherein the vehicle-mounted apparatus compris- 
es a transponder unit (600) and a smart card 
(500). 
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FIG. 1 
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FIG. 6 
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FIG. 7 
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FIG. 9 
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FIG. 11 
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FIG. 13 
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@ Secure toll collection system for moving vehicles. 

@ A secure toll payment system is realized by 
transmitting a changeable encryption code 
from roadside equipment (1,2,310,320,330) at a 
toll plaza to a moving vehicle. Thereafter, the 
moving vehicle uses it to encrypt payment infor- 
mation according to the Data Encryption Stan- 
dard algorithm. The moving vehicle transmits 
the encrypted payment information to the road- 
side equipment which performs a credit or debit 
transaction. Because the encryption code 
changes from time to time, so, too, does the 
nature of the signal which is transmitted by the 
vehicle ; fraud, based on electronic eavesdrop- 
ping, is substantially eliminated. The encryption 
code comprises an 8-bit random number and a 
time/date number. Vehicle-mounted apparatus 
includes a transponder unit and a portable 
smart card which inserts therein. The roadside 
equipment includes a pair of spaced-apart 
antennas (1,2) that are sequentially located 
along an express payment lane at a toll plaza, 
and a computer (310) which controls them. 
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